Auto factory-reset AMAPI issue
We are facing auto hard reset issue on multiple Android manufacturer like oneplus xiomi samsung redmi oppo vivo. We are android gold partner and managing more than 7lakh plus devices via zero touch enrollment and tried contacting enterprise support but getting no proper resolution. can some one please help to find what is the reason behind auto hard reset.
We have validated our policies and other given factors also the devices which are in fully compliance are getting hard reset. We can see in GCP console in Android Management API device.delete command is getting call'd in bulk below is the screenshot for reference
We removed and commented out "device.delete" method from the plugin's code. Despite removing the method, mass hard resets continue to occur.
But disabling the associated service account stops these reset requests. Re-enabling the service account results in the resumption of the "delete" API executions.
Now not sure how to get out of this. Just curious to know do DPC android app has a control to execute device.delete command. And who else other us can execute device.delete command with our service account.
Below are the few this which i'm suspecting.
1. zero touch
2. DPC Google Mobile App
Zero-Touch will only execute factory reset devices when not enrolled using Zero-Touch during enrollment but devices have an assigned configuration in the Zero-Touch-Portal (ZTP). This happens as soon as a device get'S a internet connection and receives that information. Then you have up to 2 hours before a wipe is forced.
I can't say anything to the Google DPC app, as i never used it yet.
If you enroll devices inta an MDM, every user with access to the MDM and relevant permissions in it can send a wipe to (a) device(s).